To do so, it employs a two-stage process. First a developer specifies how they will use the software and who should have access to it and under what conditions; this accessibility is in a policy specification language called Paralocks.

The second phase occurs during compilation: Using the Paralocks specification, the system analyzes how the program processes information, the compiler flags up any security risks, such as theft or modification of data, thus giving the developer the opportunity to correct any errors.